<?php
header('Content-type:Text/html; charset=utf-8');
@$login=$_POST['z'];
@$password=$_POST['m'];
if(empty($login) || empty($password)){ 
	$mes = '登录信息不完整';
	include 'z1.php';
	die;
}
$pdo=new PDO('mysql:dbname=zc;charset=utf8','root');
$s=$pdo->prepare('select z,m from aa where z=:z');
$s->execute(array('z'=>$login));
$user=$s->fetch(PDO::FETCH_NAMED);
if(empty($user)){
	$mes = '登录名不存在！';
	include 'z1.php';
	die;	
}
if ($user['m']!=$password){
	$mes = '密码错误！';
	include 'z1.php';
	die;
}

unset($user['password']);
$user['z']=$login;

session_start();
$_SESSION['m1']=$user;

header('Refresh:2;url=/z3.php');
die('<h3>登录成功</h3><a href="/z3.php>访问主页</a>');